Open to opportunities

John User

@johnuser6

Message

Chief Information Security Officer with a decade of cybersecurity and risk management experience.

Philippines

Message

What I'm looking for

I seek senior information-security leadership roles where I can lead strategy, ensure regulatory compliance, and strengthen incident response and security posture in collaborative, mission-driven organizations.

I am a seasoned Chief Information Security Officer with over ten years of hands-on experience in cybersecurity, risk management, and compliance. I build strategic security programs aligned to organizational goals and regulatory requirements.

I have led IS awareness campaigns, managed large-scale vulnerability and penetration testing programs, and implemented ISO27001 and PCI-DSS compliance initiatives across banking and payments environments. I routinely coordinate incident response with SOCs and cross-functional teams to contain threats and provide root cause analyses.

In my current role as Head of Information Security / CISO at BancNet Inc., I oversee security strategy, budgeting, procurement, and program delivery, and I liaise with C-suite executives and industry peers to drive national payment network security. I also serve as PCI-DSS Lead Implementer and the Philippines Cybersecurity Representative for the Asia Payment Networks.

I deliver measurable improvements to organizational security posture through policy formulation, security solution POCs, forensic investigations, and enterprise-wide DR/BCP planning. I am committed to safeguarding assets, ensuring regulatory compliance, and enabling secure business operations.

Experience

Work history, roles, and key accomplishments

Current

Head of Information Security

Current

BancNet Inc.

Apr 2021 - Present (4 years 6 months)

As CISO, developed and executed information security strategy and programs, managed IS budget and assessments (PCI-DSS, ISO27001), led forensic investigations and projects, coordinated with C-suite and industry CISOs, and served as PCI-DSS lead implementer.

CISO Information Security Strategy PCI DSS ISO 27001 Forensics Security Governance Budgeting

Head - Information Security Intelligence

EastWest Bank Corporation

May 2018 - Dec 2020 (2 years 7 months)

Built intel-driven security programs including vulnerability and penetration testing, coordinated SOC response and incident containment, developed MSOC processes/playbooks, and led phishing/red team exercises while ensuring ISO27001 and regulatory compliance.

Threat Intelligence Penetration Testing SOC Incident Response Vulnerability Assessment Red Team ISO 27001

Information Security Officer

United Coconut Planters Bank

Jun 2015 - May 2018 (2 years 11 months)

Led bank-wide security awareness, deployed and upgraded security controls (firewalls, WAF, IPS, endpoint agents), conducted vulnerability assessments and red/blue teaming, and implemented ISO27001 and Data Privacy Act compliance.

ISO 27001 Vulnerability Assessment Firewalls WAF IPS Endpoint Security Red Team

Information Security Analyst

Global Payments

Jun 2014 - Aug 2014 (2 months)

Executed security awareness campaigns, managed system access matrix reviews and IT asset inventory, and conducted vulnerability assessments across Global Payments' IT assets.

Security Awareness Vulnerability Assessment IT Asset Management System Access Reviews Reporting

Education

Degrees, certifications, and relevant coursework

Mapúa Institute of Technology

Bachelor of Science, Computer Science

2010 - 2015

Completed a Bachelor of Science in Computer Science with coursework focused on software development, systems, and computing fundamentals from August 2010 to February 2015.